Data breach incident management and recovery
-
News
19 Dec 2024
LockBit ransomware gang teases February 2025 return
An individual associated with the LockBit ransomware gang has broken cover to tease details of a new phase of the cyber criminal operation's activity, which they claim is set to begin in February 2025 Continue Reading
-
Opinion
19 Dec 2024
Innovation, insight and influence: the CISO playbook for 2025 and beyond
From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s Continue Reading
-
News
27 Sep 2023
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence Continue Reading
-
News
26 Sep 2023
Sony alleged victim of new extortion gang
A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off Continue Reading
-
News
26 Sep 2023
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
-
News
26 Sep 2023
Crest and IASME to deliver upcoming NCSC Cyber Exercise programme
Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job Continue Reading
-
News
21 Sep 2023
‘Top’ ransomware gangs favour smaller businesses
Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses Continue Reading
-
News
20 Sep 2023
Organisations failing to proactively address insider cyber risk
Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk Continue Reading
-
News
19 Sep 2023
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed Continue Reading
-
News
19 Sep 2023
38TB Microsoft data leak highlights risks of oversharing
An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing Continue Reading
-
News
18 Sep 2023
Government seeks industry views on cyber threat to UK CNI
The Science, Innovation and Technology Select Committee is seeking evidence from the cyber sector as it launches an inquiry into the resilience of the UK's critical national infrastructure Continue Reading
-
News
15 Sep 2023
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers Continue Reading
-
News
15 Sep 2023
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force Continue Reading
-
News
14 Sep 2023
Data on over 3,000 Airbus suppliers leaked after breach
An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines Continue Reading
-
News
14 Sep 2023
BlackCat on the hook for cyber attack that crippled Vegas casinos
The ALPHV/BlackCat ransomware operation claimed responsibility for an attack that forced MGM Resorts to shut down systems at some of Las Vegas’ most popular gambling venues Continue Reading
-
News
14 Sep 2023
Google, Microsoft and Mozilla push browser updates to foil zero-day
A zero-day in Google’s Chrome browser was first reported by surveillance researchers at The Citizen Lab and Apple, but also affects other browsers Continue Reading
-
News
13 Sep 2023
BianLian ransomware gang holds Save the Children hostage
The dangerous and prolific BianLian ransomware gang claims to have stolen almost 7TB of data from NGO Save the Children, but thankfully the charity’s vital work on the ground appears to be unaffected Continue Reading
-
Blog Post
13 Sep 2023
Is it time for ICO to implement the 2016 Cybersecurity Select Committee recommendations?
turn the corporate priority from data breach notification to enabling staff and customers to report attempts at impersonation, whether or not there is evidence of an actual breach. Such a change ... Continue Reading
-
News
13 Sep 2023
NCSC and ICO sign MoU to forge deeper collaborative links
The scope of the MoU signed by the NCSC and the ICO includes collaboration on new cyber regulations and guidance, and how to support cyber attack victims appropriately and minimise regulatory penalties Continue Reading
-
News
12 Sep 2023
US casino giant MGM Resorts battles 36-hour outage after cyber attack
Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos Continue Reading
-
News
11 Sep 2023
Professional ransomware gangs clearly a threat, but attacks can be easily stopped
NCSC and NCA report reveals insight into business models and underpinnings of ransomware gangs and their affiliates, but also urges defenders to take heart, as stopping a ransomware attack is not that hard to do Continue Reading
-
News
11 Sep 2023
Polish election questioned after Pegasus spyware used to smear opposition, investigation finds
Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents Continue Reading
-
News
08 Sep 2023
Apple patches Blastpass exploit abused by spyware makers
Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO Continue Reading
-
News
08 Sep 2023
North Koreans using new zero-day to target security researchers
A threat actor linked to the North Korean government is continuing a long-running campaign targeting legitimate security researchers, using an as-yet undisclosed zero-day vulnerability to gain access to their victims Continue Reading
-
News
08 Sep 2023
Sensitive NatWest customer files set to be returned after High Court agreement
Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower Continue Reading
-
News
07 Sep 2023
UK and US slap fresh sanctions on Conti ransomware crew
London and Washington DC have imposed sanctions on 11 more members of the cyber criminal gang behind the Conti ransomware attacks Continue Reading
-
News
07 Sep 2023
Microsoft finds Storm-0558 exploited crash dump to steal signing key
Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key Continue Reading
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
News
06 Sep 2023
Meet the professional BEC op that targeted Microsoft 365 users for years
The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers Continue Reading
-
News
05 Sep 2023
Law firm Fieldfisher launches data breach management tool
UK and European data breach law specialist Fieldfisher has enlisted legal tech specialist Lawcadia to supply a 24-hour data breach notification assessment platform Continue Reading
-
News
05 Sep 2023
Hacked Electoral Commission failed Cyber Essentials audit
The Electoral Commission failed an NCSC Cyber Essentials audit on multiple counts at about the same time as cyber criminals breached its systems in 2021, it has emerged Continue Reading
-
News
05 Sep 2023
NCSC names ex-NCC man as new CTO
New NCSC CTO Ollie Whitehouse joins from NCC Group, having also worked at BlackBerry and Symantec Continue Reading
-
News
04 Sep 2023
LockBit ransomware gang allegedly leaks MoD data after hit on supplier
The UK government appears to have become entangled in a LockBit ransomware attack after data was leaked from a third-party supplier online Continue Reading
-
News
01 Sep 2023
Threat actors exploiting unpatched Juniper Networks devices
A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed Continue Reading
-
Opinion
01 Sep 2023
It might be too soon to claim victory against Qakbot
The multinational operation to take down the Qakbot (aka Qbot) malware has been hailed as a great victory, but Lumu Technologies’ Ricardo Villadiego argues that the celebrations may be a little premature Continue Reading
-
News
31 Aug 2023
Sandworm attacks Ukraine with Infamous Chisel malware
The UK and its allies have attributed a novel malware campaign against Ukrainian state targets to the Russian intelligence-backed Sandworm APT Continue Reading
-
News
31 Aug 2023
Ducktail social media marketing malware rears its head again
Use of the Ducktail infostealer, which first popped up in 2022 targeting Meta Business accounts, seems to be increasing Continue Reading
-
News
30 Aug 2023
Cyber world hails downfall of Qakbot trojan
A multinational law enforcement hacking operation disrupted the botnet infrastructure used to distribute the Qakbot trojan at the weekend, in a major setback for the cyber criminal underworld Continue Reading
-
News
29 Aug 2023
Zero-day that forced Barracuda users to bin kit was exploited by China
Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence goals Continue Reading
-
News
24 Aug 2023
Teenage Lapsus$ ringleader was responsible for crime spree, UK court rules
A court has ruled that Arion Kurtaj, allegedly a key player in the Lapsus$ cyber extortion syndicate, was responsible for the group’s year-long campaign of cyber attacks Continue Reading
-
News
23 Aug 2023
St Helens Council in Merseyside hit by ransomware attack
St Helens Borough Council is investigating a suspected ransomware incident targeting its systems, and is advising residents to be on the alert for follow-on phishing attacks Continue Reading
-
News
23 Aug 2023
Cyber attacks in 2023 develop quicker as average dwell times plummet
The median attacker dwell time shrunk from 10 to eight days in the first seven months of 2023, and in the case of ransomware attacks it is down to just five days Continue Reading
-
News
22 Aug 2023
Singapore to bolster OT security capabilities
Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities Continue Reading
-
News
22 Aug 2023
Clop’s MOVEit attacks drive ransomware volumes to record high
Such has been the scope of Clop’s activity since May that ransomware attack volumes have more than doubled year on year, according to the latest data Continue Reading
-
News
21 Aug 2023
Cyber attack on Aussie energy services firm may hit UK CNI
Energy One, an Australia-based supplier of tech services to the energy sector, is investigating the possibility that some UK customers may have been caught up in an ongoing cyber attack on its systems Continue Reading
-
News
18 Aug 2023
NatWest customer calls bank’s handling of breach of his data ‘disgusting’
A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years Continue Reading
-
News
16 Aug 2023
NCSC expands Cyber Incident Response service more widely
The NCSC has added a level to its CIR programme to enable more cyber attack victims to take advantage of the service, which offers access to assured incident response specialists Continue Reading
-
News
15 Aug 2023
Norfolk and Suffolk police hit by FoI-linked data breach
Latest UK police data breach relates to crime suspects, victims and witnesses across East Anglia, and comes just days after a similar incident at the Northern Irish service Continue Reading
-
News
15 Aug 2023
Online safety message failing to get through to women
The security community could be doing a lot more to make its advice and guidance more accessible to women, according to a study Continue Reading
-
News
14 Aug 2023
US Cyber Board to probe cloud security after latest Exchange hack
CSRB review of cloud security comes in the wake of a major Chinese cyber attack on US government bodies orchestrated through Microsoft’s cloud services Continue Reading
-
News
10 Aug 2023
PSNI investigating second breach after laptop stolen
Just hours after accidentally disclosing the personal details of 10,000 personnel, the Police Service of Northern Ireland has notified a second data breach after a police issue laptop and documents were stolen from a parked car Continue Reading
-
News
09 Aug 2023
Northern Irish police expose staff data in botched FoI response
Human error is being blamed for the leak of personally identifiable information on all serving officers and civilian staff at the Police Service of Northern Ireland Continue Reading
-
News
08 Aug 2023
UK voter data hacked in cyber attack on election watchdog
An unknown threat actor who attacked the UK’s Electoral Commission had access to data on millions of UK voters for over a year, the watchdog has revealed Continue Reading
-
News
08 Aug 2023
Black Basta, Hive and Royal ransomware gangs may share real-world connection
At Black Hat USA, Sophos X-Ops researchers share data revealing potential connections between three active ransomware crews Continue Reading
-
News
07 Aug 2023
Microsoft fixes Azure flaw that was subject of researcher criticism
Microsoft has confirmed a potentially-dangerous flaw in the Azure platform has now been fully fixed, and moved to reassure customers that despite criticism it is committed to responsible disclosure and timely fixes Continue Reading
-
News
04 Aug 2023
Log4Shell, ProxyShell still among most widely exploited flaws
Statistics released by the collective Five Eyes cyber agencies reveals insight into the most exploited vulnerabilities of 2022, and unsurprisingly there are some old ‘friends’ on the list Continue Reading
-
News
03 Aug 2023
Scottish NHS trust ducks fine after staff shared patient data via WhatsApp
NHS Lanarkshire has been issued a formal reprimand by the ICO after staff members used WhatsApp to share patients’ personal data with one another Continue Reading
-
News
03 Aug 2023
Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign
Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims Continue Reading
-
News
03 Aug 2023
Microsoft attacked over ‘grossly irresponsible’ security practice
The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’ Continue Reading
-
News
02 Aug 2023
Ivanti MDM users told to patch against two dangerous flaws
Users of Ivanti’s mobile device management platform have been warned to act now to patch two vulnerabilities that were chained by a threat actor in a series of cyber attacks on the Norwegian government Continue Reading
-
Opinion
31 Jul 2023
AI has a place in cyber, but needs effective evaluation
Organisations that don’t leverage AI-based security solutions will find themselves more vulnerable than those that do., but cyber pros still need to ensure they can effectively evaluate AI-enhanced tech to ensure it meets their use case Continue Reading
-
News
28 Jul 2023
Scottish university hit by Rhysida ransomware gang
Data allegedly stolen from the University of Western Scotland has been put up for sale on the dark web by a ransomware gang going by the name Rhysida Continue Reading
-
News
28 Jul 2023
How Indian organisations are keeping pace with cyber security
Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics Continue Reading
-
News
27 Jul 2023
Cyber criminals pivot away from ransomware encryption
Cyber breaches that saw data theft and extortion without an encryption or ransomware component account for more and more incidents, in a possible indication that ransomware gangs are changing up their business models Continue Reading
-
Opinion
27 Jul 2023
AI-enhanced cyber has potential, but watch out for marketing hype
As AI is a hot topic right now, it is no surprise there are some cyber solutions coming to market that have been thrown together in haste, but that said, genuine AI-powered security products do exist and their abilities could yet prove transformative. Continue Reading
-
News
27 Jul 2023
US cyber breach reporting rules to have global impact
Organisations that operate as Foreign Private Issuers in the US will have to get to grips with strict new cyber breach reporting regulations handed down by the SEC in Washington Continue Reading
-
News
26 Jul 2023
Cyber attack on IT supplier hits two major ambulance trusts
Ambulance trusts serving millions across southern England have been hamstrung for the past week after a cyber attack took down their hosted patient records system Continue Reading
-
News
25 Jul 2023
Cisco, BT and others launch network security coalition
Network Resilience Coalition focuses on bringing together global expertise to improve data and network security Continue Reading
-
News
25 Jul 2023
Tetra radio users’ comms may have been exposed for years
A number of flaws in the encryption algorithms used in the secure Tetra radio communications standard have potentially left users exposed to snooping Continue Reading
-
News
24 Jul 2023
CIO interview: Sean Green, University of East Anglia
In his role as director of digital and data at the University of East Anglia, Sean Green provides high-performance computing to researchers and manages the diverse needs of a campus with the characteristics of a small town, all while finding the time to study one of his passions Continue Reading
-
News
24 Jul 2023
Citrix NetScaler users told to patch new zero-day urgently
A vulnerability disclosed and patched last week by Citrix appears to be being exploited by China-backed threat actors as a zero-day, prompting warnings from government cyber bodies Continue Reading
-
News
24 Jul 2023
Security AI and automation may reduce cost of data breaches
Organisations that go all in on security AI and automation tend to incur lower financial costs when they experience a data breach incident, according to an IBM report Continue Reading
-
News
24 Jul 2023
Why cyber security should be part of your ESG strategy
The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy Continue Reading
-
Opinion
21 Jul 2023
Future Cyber Threats: The four ‘horsemen of the apocalypse’
How to deal with emerging security threats from deep fake humans to the end of secure encryption Continue Reading
-
News
20 Jul 2023
How the DSMA balances security and privacy with press freedom
In a world of information sharing and 24-hour news cycles, the Defence and Security Media Advisory committee have to balance national security and data privacy with freedom of the press Continue Reading
-
News
19 Jul 2023
BlackCat and Clop gangs both claim cyber attack on Estée Lauder
Cosmetics conglomerate Estée Lauder is experiencing operational disruption in the wake of a cyber attack that seems to involve two different cyber crime gangs Continue Reading
-
News
19 Jul 2023
Half of cyber pros engage in risky behaviour at work, report claims
Approximately 55% of security professionals say they have engaged in behaviours they would more usually advise against in the workplace, according to a report Continue Reading
-
News
13 Jul 2023
Microsoft issues new warning over Chinese cyber espionage
A newly uncovered Chinese espionage campaign exploited forged authentication tokens to access its victims’ email accounts, says Microsoft Continue Reading
-
News
13 Jul 2023
One month after MOVEit: New vulnerabilities found as more victims are named
Five weeks after the mass MOVEit breach, new vulnerabilities in the file transfer tool are coming to light as the Clop cyber crime group continues to terrorise victims. But has the gang bitten off more than it can chew? Continue Reading
-
News
12 Jul 2023
Cozy Bear lures victims with used BMW 5 Series
A recent Cozy Bear campaign saw the Russian APT group pivot to exploiting an advert for a used car as it targeted diplomatic missions in Kyiv Continue Reading
-
News
12 Jul 2023
Whistleblower contacts NatWest customers affected by a decade-old data breach
Former worker says contacting the people affected by the data breach is her last resort after the bank and regulators appear satisfied that the sensitive data file is safe stored under her bed Continue Reading
-
News
03 Jul 2023
Over half of ANZ organisations hit by ransomware
Amid the rising ransomware threat, almost four in five organisations in ANZ expect to pay a ransom if they could recover data and business processes Continue Reading
-
News
03 Jul 2023
BlackCat gang claims cyber attack on Barts NHS Trust
Investigations continue into a claim by the ALPHV/BlackCat ransomware gang that it has stolen 7TB of data from Barts NHS Trust in London Continue Reading
-
News
30 Jun 2023
NHS data stolen in Manchester Uni ransomware attack
The ransomware gang behind the cyber attack on the University of Manchester appears to have got its hands on an NHS dataset being used by the university for research purposes Continue Reading
-
News
29 Jun 2023
‘Shadow’ AI use becoming a driver of insider cyber risk
Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk Continue Reading
-
News
27 Jun 2023
A tenth of kids claim they could hack you
More and more young people are at risk of being drawn into cyber criminality, and parents must shoulder some of the blame, according to a report Continue Reading
-
News
23 Jun 2023
ICO under fire for taking limited action over serious data breaches
The ICO has come under fire from lawyers and data protection specialists for just issuing written warnings to two public bodies over serious data breaches that placed people’s lives at risk Continue Reading
-
News
23 Jun 2023
Phishing and ransomware dominate Singapore’s cyber threat landscape
Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading
-
News
22 Jun 2023
Manchester University students threatened by ransomware gang
Students and staff members at the University of Manchester are being pressurised by an unnamed ransomware gang Continue Reading
-
News
21 Jun 2023
Nearly quarter of a million malicious websites reported and removed through NCSC service
A suspicious email and text message reporting service in the UK has directly led to a quarter of a million malicious websites being removed Continue Reading
-
Feature
20 Jun 2023
ChatGPT is creating a legal and compliance headache for business
ChatGPT’s increased use in the workplace has led many to question its legal and compliance implications for businesses. Experts warn that the software poses major security and copyright risks Continue Reading
-
News
19 Jun 2023
Early June Microsoft outages were result of large-scale DDoS hit
Investigations into recent outages on Microsoft Azure and Outlook services have turned up evidence of a massive distributed denial-of-service attack Continue Reading
-
News
19 Jun 2023
Nakivo adds ransomware scanning and new restore options
Backup maker adds malware scanning with big names in security to immutable backup copy functionality. “Tape’s not dead” either, with restore from the venerable medium now possible Continue Reading
-
News
19 Jun 2023
UK to contribute up to £25m to Ukraine cyber defences
Prime minister Rishi Sunak announces an expansion to the Ukraine Cyber Programme, with a cash boost of up to £25m over the next two years Continue Reading
-
News
15 Jun 2023
Exploitation of Barracuda ESG appliances linked to Chinese spies
Intelligence from Mandiant links exploitation of a flaw in a subset of Barracuda ESG appliances to a previously untracked China-nexus threat actor Continue Reading
-
News
15 Jun 2023
NCSC warns over ‘enduring’ LockBit threat
Although its activity volumes have been lower of late, LockBit is still a highly dangerous ransomware gang and is now the subject of a new international cyber advisory Continue Reading
-
News
15 Jun 2023
Clop begins naming alleged MOVEit victims
Clop uploaded details of 12 new victims to its dark web leak site late on 14 June, many of them likely linked to the ongoing MOVEit cyber attack Continue Reading
-
News
14 Jun 2023
Ransomware-stricken Capita to run Action Fraud successor
A £50m deal to replace the Action Fraud service has been handed to PwC and Capita, which is facing investigations over its handling of customer data in a ransomware incident Continue Reading
-
News
14 Jun 2023
Clop’s MOVEit ransom deadline expires
A seven-day deadline set by Clop for victims of its latest attack to contact it to arrange payment passes today Continue Reading
-
News
14 Jun 2023
Cyber attacks against APAC commerce sector surpass 1.1 billion
Retailers, hotels and travel-related organisations in the region saw over a billion cyber attacks last year amid the surge in e-commerce activity and online travel bookings Continue Reading
-
News
13 Jun 2023
Arnold Clark data leak victims prepare legal action
More than 10,000 people who had their data stolen and leaked in a ransomware attack on the Arnold Clark car dealer network have signed up to a group legal action after facing elevated amounts of fraud Continue Reading
-
News
12 Jun 2023
Ofcom data stolen in MOVEit cyber attack
Communications regulator Ofcom says data on employees and regulated communications companies was stolen by the Clop gang Continue Reading